Android malware infects security app
Is Google fighting a losing battle against malware? Reports are out that a version of Google's very own Android Market Security Tool has some fishy code in it as well. Security company Symantec, which identified the code, found this version of the app on a third-party Chinese marketplace. The infected version has thus far only shown up on marketplaces in China.
Symantec said that the code is actually hosted on Google code and licensed under an Apache license. The infected code seems to be able to send SMS messages if instructed. Symantec has identified the trojan version of the code as Android.Bgserv.
Sophos, another Internet security firm, has published some key differences between the apps. Google's official app will only ask you for three permissions, while the infected version will ask permissions for "Services that cost you money." Plus, the Google tool is version 2.5, whereas the fake version lists itself as a version 1.5 app.
Google pushed out the original app to all users who downloaded apps affected by the Droid Dream virus. The company pulled about 50 apps from its marketplace and used a kill switch to remove the apps from afflicted handsets.
| March 10, 2011; 4:08 PM ET
Categories: Android, Google
Save & Share: Previous: Motorola's Xoom tablet is no iPad -- much less an iPad 2
Next: Kinect breaks sales record